3978 matches found

OSV
added 2022/01/20 12:0 a.m. | 24 views

CVE-2022-0277 Incorrect Permission Assignment for Critical Resource in microweber/microweber

Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11...

CVSS 6.5 | AI score 6.5 | EPSS 0.01121
Exploits: 1 | References: 4

BDU FSTEC
added 2022/01/17 12:0 a.m. | 5 views

The vulnerability of the wireshark traffic analysis program, related to pointer assignment errors, allows a hacker to trigger a service failure.

The vulnerability of the wireshark traffic analysis program is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVSS 6.5 | AI score 6.8 | EPSS 0.01457
Exploits: 1 | References: 9 | Affected Software: 4

Prion
added 2022/01/14 5:15 p.m. | 11 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Prion
added 2022/01/14 5:15 p.m. | 5 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Prion
added 2022/01/14 5:15 p.m. | 7 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Prion
added 2022/01/14 5:15 p.m. | 6 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Prion
added 2022/01/14 5:15 p.m. | 9 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Prion
added 2022/01/14 5:15 p.m. | 6 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Prion
added 2022/01/14 5:15 p.m. | 10 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Prion
added 2022/01/14 5:15 p.m. | 8 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AI score 7
Exploits: 0

Github Security Blog
added 2022/01/13 12:1 a.m. | 38 views

Incorrect Permission Assignment for Critical Resource in Jenkins Mailer Plugin

Jenkins Mailer Plugin prior to 408.vd726a1130320 and 1.34.2 does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. Additionally, this form...

CVSS 4.3 | AI score 5.2 | EPSS 0.0111
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2022/01/13 12:1 a.m. | 21 views

GHSA-558X-H7RG-997V Incorrect Permission Assignment for Critical Resource in Jenkins Mailer Plugin

Jenkins Mailer Plugin prior to 408.vd726a1130320 and 1.34.2 does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. Additionally, this form...

CVSS 4.3 | AI score 4.7 | EPSS 0.0111
Exploits: 0 | References: 5

OSV
added 2022/01/13 12:1 a.m. | 26 views

GHSA-GQM2-2GCX-P88W Incorrect Permission Assignment for Critical Resource in Jenkins Credentials Binding Plugin

Jenkins Credentials Binding Plugin prior to 1.27.1 and 1.24.1 does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it’s a zip file. Credentials...

CVSS 4.3 | AI score 4.7 | EPSS 0.00852
Exploits: 0 | References: 6

Github Security Blog
added 2022/01/13 12:1 a.m. | 44 views

Incorrect Permission Assignment for Critical Resource in Jenkins Credentials Binding Plugin

Jenkins Credentials Binding Plugin prior to 1.27.1 and 1.24.1 does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it’s a zip file. Credentials...

CVSS 4.3 | AI score 4.8 | EPSS 0.00852
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2022/01/13 12:1 a.m. | 25 views

GHSA-W2MH-6XJ5-F77F Incorrect Permission Assignment for Critical Resource in Jenkins Bitbucket Branch Source Plugin

Jenkins Bitbucket Branch Source Plugin prior to 746.v350d2781c184, 725.vd9f8be0fa250, 2.9.11.2, and 2.9.7.2 does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. Those can be used...

CVSS 4.3 | AI score 4.7 | EPSS 0.00852
Exploits: 0 | References: 6

Github Security Blog
added 2022/01/13 12:1 a.m. | 23 views

Incorrect Permission Assignment for Critical Resource in Jenkins Bitbucket Branch Source Plugin

Jenkins Bitbucket Branch Source Plugin prior to 746.v350d2781c184, 725.vd9f8be0fa250, 2.9.11.2, and 2.9.7.2 does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. Those can be used...

CVSS 4.3 | AI score 4.8 | EPSS 0.00852
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2022/01/12 12:0 a.m. | 3 views

The vulnerability of Adobe Premiere Rush software, related to pointer swapping errors, allows a perpetrator to trigger a service failure.

The vulnerability of Adobe Premiere Rush is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 7.1 | AI score 6.6 | EPSS 0.01374
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/01/12 12:0 a.m. | 4 views

The vulnerability of Adobe Premiere Rush software, related to pointer assignment errors, allows a perpetrator to trigger a service failure.

The vulnerability of Adobe Premiere Rush is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 7.1 | AI score 6.6 | EPSS 0.01374
Exploits: 0 | References: 3 | Affected Software: 1

Microsoft KB
added 2022/01/11 8:0 a.m. | 75 views

Description of the security update for SharePoint Server Subscription Edition: January 11, 2022 (KB5002111)

Description of the security update for SharePoint Server Subscription Edition: January 11, 2022 (KB5002111). Summary: This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the...

CVSS 9 | AI score 10 | EPSS 0.03115
Exploits: 0

Code423n4
added 2022/01/11 12:0 a.m. | 9 views

Insurance funds are never unlocked

Handle: p4st13r4. Vulnerability details. Impact: There is a typo in the unlock function, when setting the status of an insurance to false. function unlockuint256 id public require insurancesid.status == true && marketStatus == MarketStatus.Trading && insurancesid.endTime + parameters.getGracemsg.send...

AI score 7
Exploits: 0